Reorganise hardware vs host config, tidy settings and services

ediblerope 2026-04-01 21:14:16 +01:00
parent effc4da3a6
commit 93ea194da4
13 changed files with 185 additions and 195 deletions


@ -54,6 +54,8 @@
boot.initrd.verbose = false; boot.initrd.verbose = false;
############################################################################# #############################################################################
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Use latest kernel # Use latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;


@ -23,19 +23,8 @@
onlyoffice-desktopeditors onlyoffice-desktopeditors
vscodium vscodium
]; ];
programs.nix-ld.enable = true; programs.nix-ld.enable = true;
services.lact.enable = true;
hardware.graphics = {
enable = true;
enable32Bit = true;
};
services.xserver.videoDrivers = ["amdgpu"];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "ntsync" ];
# Enable AMD GPU overdrive for overclocking/undervolting
boot.kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" "acpi_osi=\"!Windows 2015\"" "amdgpu.freesync_video=1"];
programs.steam = { programs.steam = {
enable = true; enable = true;
@ -46,10 +35,7 @@
]; ];
}; };
}; };
# Bootloader
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot.configurationLimit = 5; boot.loader.systemd-boot.configurationLimit = 5;
boot.initrd.systemd.enable = true; boot.initrd.systemd.enable = true;
}; };


@ -1,60 +1,22 @@
{ config, pkgs, lib, inputs, ... }: { config, pkgs, lib, inputs, ... }:
{ {
config = lib.mkMerge [ config = lib.mkIf (config.networking.hostName == "FredOS-Macbook") {
{ environment.systemPackages = with pkgs; [
nixpkgs.config.allowInsecurePredicate = pkg: tlp
(lib.hasPrefix "broadcom-sta" (lib.getName pkg)); vesktop
} adwaita-icon-theme
mission-center
vlc
geary
proton-vpn
onlyoffice-desktopeditors
];
(lib.mkIf (config.networking.hostName == "FredOS-Macbook") { services.tlp.enable = false;
# ... all your other settings (tlp, boot, firmware) ... services.power-profiles-daemon.enable = true;
environment.systemPackages = with pkgs; [ boot.loader.systemd-boot.configurationLimit = 5;
tlp boot.initrd.systemd.enable = true;
vesktop };
adwaita-icon-theme
mission-center
vlc
geary
proton-vpn
onlyoffice-desktopeditors
];
services.tlp.enable = false;
services.power-profiles-daemon.enable = true;
hardware.facetimehd.enable = true;
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
blacklistedKernelModules = [ "b43" "bcma" "ssb" ];
kernelParams = [ "acpi_osi=" ];
};
hardware.enableRedistributableFirmware = true;
boot.loader.systemd-boot.configurationLimit = 5;
boot.initrd.systemd.enable = true;
services.xserver.deviceSection = lib.mkDefault ''
Option "TearFree" "true"
'';
#Enable Bluetooth
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
Enable = "Source,Sink,Media,Socket";
Experimental = true;
};
};
};
})
];
} }


@ -1,41 +1,6 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
config = lib.mkIf (config.networking.hostName == "FredOS-Mediaserver") { config = lib.mkIf (config.networking.hostName == "FredOS-Mediaserver") {
# Individual Data Disks
fileSystems."/mnt/disk1" = {
device = "/dev/disk/by-uuid/90ae3493-38c1-4473-b409-e9d99c3b315e";
fsType = "ext4";
};
fileSystems."/mnt/disk2" = {
device = "/dev/disk/by-uuid/7145223e-f285-424a-a114-cb0b1b64e068";
fsType = "ext4";
};
fileSystems."/mnt/disk3" = {
device = "/dev/disk/by-uuid/58cecfd5-2fd7-4c4b-b3a1-0bf5e9d0beab";
fsType = "ext4";
};
fileSystems."/mnt/disk4" = {
device = "/dev/disk/by-uuid/317660ef-bd75-4fa4-bd20-f96a3926bf7b";
fsType = "ext4";
};
# The Combined MergerFS Pool
fileSystems."/mnt/storage" = {
device = "/mnt/disk1:/mnt/disk2:/mnt/disk3:/mnt/disk4";
fsType = "fuse.mergerfs";
options = [
"defaults"
"allow_other"
"use_ino"
"cache.files=partial"
"dropcacheonclose=true"
"category.create=mfs"
];
};
# Create symlink from home to storage # Create symlink from home to storage
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"L+ /home/fred/storage - - - - /mnt/storage" "L+ /home/fred/storage - - - - /mnt/storage"
@ -57,7 +22,7 @@
# Enable Docker # Enable Docker
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
# Basic networking # Basic networking
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
@ -67,13 +32,5 @@
enable = true; enable = true;
settings.PermitRootLogin = "no"; settings.PermitRootLogin = "no";
}; };
# Boot loader
boot.loader.grub = {
enable = true;
# Includes all 4 physical disks for redundancy
devices = [ "/dev/sda" "/dev/sdb" "/dev/sdc" "/dev/sdd" "/dev/sde" ];
useOSProber = true;
};
}; };
} }


@ -6,10 +6,15 @@
]; ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = [ "kvm-amd" "ntsync" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" "acpi_osi=\"!Windows 2015\"" "amdgpu.freesync_video=1" ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/e2731038-9c65-430a-8628-b018cd6b8d9f"; device = "/dev/disk/by-uuid/e2731038-9c65-430a-8628-b018cd6b8d9f";
fsType = "ext4"; fsType = "ext4";
@ -25,13 +30,14 @@
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "FredOS-Gaming"; networking.hostName = "FredOS-Gaming";
boot.loader.systemd-boot.enable = true; hardware.graphics = {
boot.loader.efi.canTouchEfiVariables = true; enable = true;
enable32Bit = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ]; };
services.xserver.videoDrivers = [ "amdgpu" ];
services.lact.enable = true;
system.stateVersion = "25.11"; system.stateVersion = "25.11";
} }
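Review bot: The `boot.kernelParams` line arrived in this file without the comment it had in the host file, `# Enable AMD GPU overdrive for overclocking/undervolting`. `amdgpu.ppfeaturemask=0xffffffff` sets every bit of the PowerPlay feature mask, and together with `services.lact.enable = true` further down it allows clock and voltage changes from software, so the reason should stay next to the setting. I would restore that comment above `boot.kernelParams` and add a second one saying why `acpi_osi` and `amdgpu.freesync_video=1` are set, e.g. `# acpi_osi / freesync_video: <reason>`.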


@ -8,7 +8,12 @@
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
boot.blacklistedKernelModules = [ "b43" "bcma" "ssb" ];
boot.kernelParams = [ "acpi_osi=" ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/e295ac26-bf7e-4b93-bc97-74c3c01de0e3"; device = "/dev/disk/by-uuid/e295ac26-bf7e-4b93-bc97-74c3c01de0e3";
@ -25,13 +30,27 @@
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "FredOS-Macbook"; networking.hostName = "FredOS-Macbook";
hardware.enableRedistributableFirmware = true;
hardware.facetimehd.enable = true;
boot.loader.systemd-boot.enable = true; nixpkgs.config.allowInsecurePredicate = pkg:
boot.loader.efi.canTouchEfiVariables = true; (lib.hasPrefix "broadcom-sta" (lib.getName pkg));
nix.settings.experimental-features = [ "nix-command" "flakes" ]; services.xserver.deviceSection = lib.mkDefault ''
Option "TearFree" "true"
'';
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
Enable = "Source,Sink,Media,Socket";
Experimental = true;
};
};
};
system.stateVersion = "25.11"; system.stateVersion = "25.11";
} }
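Review bot: `allowInsecurePredicate` matches with `lib.hasPrefix "broadcom-sta"`, so any package whose name merely begins with that string is also exempted from the insecure-package check. Assuming the driver's pname is exactly `broadcom-sta`, an exact comparison keeps the exemption to that one package: `nixpkgs.config.allowInsecurePredicate = pkg: lib.getName pkg == "broadcom-sta";`. The setting also has no comment here; one line saying that the out-of-tree driver is flagged insecure in nixpkgs and is accepted only because this machine's Wi-Fi needs it would tell the next reader when the exemption can be dropped.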


@ -15,14 +15,53 @@
fsType = "ext4"; fsType = "ext4";
}; };
# Individual Data Disks
fileSystems."/mnt/disk1" = {
device = "/dev/disk/by-uuid/90ae3493-38c1-4473-b409-e9d99c3b315e";
fsType = "ext4";
};
fileSystems."/mnt/disk2" = {
device = "/dev/disk/by-uuid/7145223e-f285-424a-a114-cb0b1b64e068";
fsType = "ext4";
};
fileSystems."/mnt/disk3" = {
device = "/dev/disk/by-uuid/58cecfd5-2fd7-4c4b-b3a1-0bf5e9d0beab";
fsType = "ext4";
};
fileSystems."/mnt/disk4" = {
device = "/dev/disk/by-uuid/317660ef-bd75-4fa4-bd20-f96a3926bf7b";
fsType = "ext4";
};
# The Combined MergerFS Pool
fileSystems."/mnt/storage" = {
device = "/mnt/disk1:/mnt/disk2:/mnt/disk3:/mnt/disk4";
fsType = "fuse.mergerfs";
options = [
"defaults"
"allow_other"
"use_ino"
"cache.files=partial"
"dropcacheonclose=true"
"category.create=mfs"
];
};
swapDevices = [ ]; swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "FredOS-Mediaserver"; networking.hostName = "FredOS-Mediaserver";
nix.settings.experimental-features = [ "nix-command" "flakes" ]; boot.loader.grub = {
enable = true;
# Includes all 4 physical disks for redundancy
devices = [ "/dev/sda" "/dev/sdb" "/dev/sdc" "/dev/sdd" "/dev/sde" ];
useOSProber = true;
};
system.stateVersion = "25.11"; system.stateVersion = "25.11";
} }
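Review bot: The GRUB `devices` list names five disks, `/dev/sda` through `/dev/sde`, while the comment directly above it says four. `/dev/sdX` names follow probe order, so after a hardware change an entry can point at a different disk, including removable media, and the boot loader would be written there. I would use stable paths such as `/dev/disk/by-id/<disk-id>` for the disks meant to carry GRUB and correct the comment to match. Separately, the four data-disk mounts have no `nofail` option, so, if that is not intended, a single failed data disk will stop the server from booting.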


@ -16,20 +16,41 @@ Flake-based NixOS configuration for three machines, built and deployed directly
├── .github ├── .github
│ └── workflows │ └── workflows
│ └── update.yml # Auto-updates flake.lock daily │ └── update.yml # Auto-updates flake.lock daily
├── apps # Per-app config files ├── apps
├── home-manager # Home Manager config │ ├── fastfetch.nix # Fastfetch config
│ ├── flatpaks.nix # Flatpak apps
│ └── zen.nix # Zen browser config
├── home-manager
│ ├── fred.nix # User-level Home Manager config
│ └── gnome-hm.nix # GNOME Home Manager settings
├── hosts ├── hosts
│ ├── FredOS-Gaming.nix # Gaming-specific config │ ├── FredOS-Gaming.nix # Gaming: packages, Steam, boot options
│ ├── FredOS-Macbook.nix # Macbook-specific config │ ├── FredOS-Macbook.nix # Macbook: packages, power management, boot options
│ ├── FredOS-Mediaserver.nix # Mediaserver-specific config │ ├── FredOS-Mediaserver.nix # Mediaserver: packages, networking, SSH
│ └── hardware │ └── hardware
│ ├── FredOS-Gaming.nix # Hardware config + bootloader + hostname │ ├── FredOS-Gaming.nix # AMD GPU, kernel modules, filesystems, bootloader, hostname
│ ├── FredOS-Macbook.nix │ ├── FredOS-Macbook.nix # Broadcom WiFi, Intel GPU, Bluetooth, filesystems, bootloader, hostname
│ └── FredOS-Mediaserver.nix │ └── FredOS-Mediaserver.nix # Intel CPU, data disks, mergerfs pool, GRUB, hostname
├── services # Service definitions ├── services
├── settings # Shared system settings (GNOME, locale, audio, etc.) │ ├── bazarr.nix # Subtitle management
│ ├── cloudflare-ddns.nix # Cloudflare dynamic DNS
│ ├── game-servers.nix # Game server definitions
│ ├── go2rtc.nix # Camera/RTSP streaming
│ ├── jellyfin.nix # Media server
│ ├── nginx.nix # Reverse proxy
│ ├── omnisearch.nix # OmniSearch service
│ ├── prowlarr.nix # Indexer manager
│ ├── qbittorrent-nox.nix # Torrent client
│ ├── radarr.nix # Movie management
│ ├── server-permissions.nix # File/dir permission setup
│ └── sonarr.nix # TV management
├── settings
│ ├── audio.nix # PipeWire / audio config
│ ├── gnome.nix # GNOME desktop settings
│ ├── locale.nix # Locale, timezone, keyboard
│ └── users.nix # User accounts
├── walls # Wallpapers ├── walls # Wallpapers
├── common.nix # Shared config for all hosts ├── common.nix # Shared config imported by all hosts
├── flake.lock # Auto-generated, updated daily by GitHub Actions ├── flake.lock # Auto-generated, updated daily by GitHub Actions
└── flake.nix # Flake inputs and host definitions └── flake.nix # Flake inputs and host definitions
``` ```
@ -62,7 +83,7 @@ clean # sudo nix-collect-garbage -d
### 1. Fresh NixOS install ### 1. Fresh NixOS install
Boot the NixOS installer and complete the standard installation. Note the `system.stateVersion` it generates — you'll need it later. Boot the NixOS installer and complete the standard installation.
### 2. Enable flakes temporarily ### 2. Enable flakes temporarily
@ -78,23 +99,18 @@ sudo nixos-rebuild switch
### 3. Create the hardware config on GitHub ### 3. Create the hardware config on GitHub
Copy the contents of `/etc/nixos/hardware-configuration.nix` and create `hosts/hardware/FredOS-NEWHOST.nix` on GitHub. Append the following to it: Copy the contents of `/etc/nixos/hardware-configuration.nix` and create `hosts/hardware/FredOS-NEWHOST.nix` on GitHub. Append the hostname and bootloader config to it:
```nix ```nix
networking.hostName = "FredOS-NEWHOST"; networking.hostName = "FredOS-NEWHOST";
# Match what the installer configured — systemd-boot for UEFI: # For UEFI/systemd-boot machines:
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot.configurationLimit = 5;
boot.initrd.systemd.enable = true;
# For BIOS/GRUB machines instead: # For BIOS/GRUB machines instead:
# boot.loader.grub.enable = true; # boot.loader.grub.enable = true;
# boot.loader.grub.devices = [ "/dev/sda" ]; # verify with: sudo grub-probe --target=disk / # boot.loader.grub.devices = [ "/dev/sda" ]; # verify with: sudo grub-probe --target=disk /
nix.settings.experimental-features = [ "nix-command" "flakes" ];
system.stateVersion = "25.11"; # use the version the installer generated
``` ```
### 4. Register the host in flake.nix ### 4. Register the host in flake.nix
@ -113,7 +129,7 @@ Create `hosts/FredOS-NEWHOST.nix` on GitHub for any machine-specific packages or
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
config = lib.mkIf (config.networking.hostName == "FredOS-NEWHOST") { config = lib.mkIf (config.networking.hostName == "FredOS-NEWHOST") {
# host-specific config here # host-specific packages and services here
}; };
} }
``` ```


@ -19,6 +19,20 @@
gid = 3000; gid = 3000;
}; };
systemd.tmpfiles.rules = [
# qbittorrent app data
"d /var/lib/qbittorrent 0755 qbittorrent media -"
"d /var/lib/qbittorrent/.config 0755 qbittorrent media -"
"d /var/lib/qbittorrent/.config/qBittorrent 0755 qbittorrent media -"
"d /var/lib/qbittorrent/.local 0755 qbittorrent media -"
"d /var/lib/qbittorrent/.local/share 0755 qbittorrent media -"
"d /var/lib/qbittorrent/.local/share/qBittorrent 0755 qbittorrent media -"
# Storage - qbittorrent downloads here
"d /mnt/storage/torrents/downloads 2775 qbittorrent media -"
"Z /mnt/storage/torrents/downloads 2775 qbittorrent media -"
];
systemd.services.qbittorrent-nox = { systemd.services.qbittorrent-nox = {
description = "qBittorrent-nox service"; description = "qBittorrent-nox service";
after = [ "network.target" ]; after = [ "network.target" ];
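Review bot: The `Z` rule applies mode `2775` recursively to everything under `/mnt/storage/torrents/downloads`, so every regular file the client has fetched is made executable, group-writable and setgid each time systemd-tmpfiles runs. Prefixing the mode with `~` masks the bits per entry and drops setgid on non-directories: `"Z /mnt/storage/torrents/downloads ~2775 qbittorrent media -"`. The same rule shape is used for `/mnt/storage/torrents/audiobooks` and `/mnt/storage/torrents/shows` in the two file sections that follow. The `/var/lib/qbittorrent` directories are also created `0755`; `0750` would keep the client's configuration from being world-readable.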


@ -3,25 +3,9 @@
{ {
config = lib.mkIf (config.networking.hostName == "FredOS-Mediaserver") { config = lib.mkIf (config.networking.hostName == "FredOS-Mediaserver") {
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
# qbittorrent app data # Audiobooks - manually managed, no dedicated service yet
"d /var/lib/qbittorrent 0755 qbittorrent media -" "d /mnt/storage/torrents/audiobooks 2775 fred media -"
"d /var/lib/qbittorrent/.config 0755 qbittorrent media -" "Z /mnt/storage/torrents/audiobooks 2775 fred media -"
"d /var/lib/qbittorrent/.config/qBittorrent 0755 qbittorrent media -"
"d /var/lib/qbittorrent/.local 0755 qbittorrent media -"
"d /var/lib/qbittorrent/.local/share 0755 qbittorrent media -"
"d /var/lib/qbittorrent/.local/share/qBittorrent 0755 qbittorrent media -"
# Storage - qbittorrent downloads here
"d /mnt/storage/torrents/downloads 2775 qbittorrent media -"
"Z /mnt/storage/torrents/downloads 2775 qbittorrent media -"
# Shows - sonarr organises, bazarr writes subtitles
"d /mnt/storage/torrents/shows 2775 sonarr media -"
"Z /mnt/storage/torrents/shows 2775 sonarr media -"
# Audiobooks
"d /mnt/storage/torrents/audiobooks 2775 sonarr media -"
"Z /mnt/storage/torrents/audiobooks 2775 sonarr media -"
]; ];
}; };
} }


@ -19,5 +19,11 @@
group = "media"; group = "media";
extraGroups = [ "media" ]; extraGroups = [ "media" ];
}; };
systemd.tmpfiles.rules = [
# Shows - sonarr organises, bazarr writes subtitles
"d /mnt/storage/torrents/shows 2775 sonarr media -"
"Z /mnt/storage/torrents/shows 2775 sonarr media -"
];
}; };
} }


@ -1,21 +1,23 @@
# audio.nix # audio.nix
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
services.pulseaudio.enable = false; config = lib.mkIf (lib.elem config.networking.hostName [ "FredOS-Gaming" "FredOS-Macbook" ]) {
security.rtkit.enable = true; services.pulseaudio.enable = false;
services.pipewire = { security.rtkit.enable = true;
enable = true; services.pipewire = {
alsa.enable = true; enable = true;
alsa.support32Bit = true; alsa.enable = true;
pulse.enable = true; alsa.support32Bit = true;
pulse.enable = true;
extraConfig."pipewire-pulse"."10-quirk-rules" = { extraConfig."pipewire-pulse"."10-quirk-rules" = {
"pulse.rules" = [ "pulse.rules" = [
{ {
matches = [ { "application.name" = "~Chromium.*"; } ]; matches = [ { "application.name" = "~Chromium.*"; } ];
actions = { quirks = [ "block-source-volume" ]; }; actions = { quirks = [ "block-source-volume" ]; };
} }
]; ];
};
}; };
}; };
} }


@ -2,16 +2,13 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
config = lib.mkIf (lib.elem config.networking.hostName [ "FredOS-Gaming" "FredOS-Macbook" "FredOS-Mediaserver" ]) { # Define a user account. Don't forget to set a password with 'passwd'.
# Define a user account. Don't forget to set a password with 'passwd'. users.users.fred = {
users.users.fred = { isNormalUser = true;
isNormalUser = true; description = "fred";
description = "fred"; extraGroups = [ "networkmanager" "wheel" "docker" ];
extraGroups = [ "networkmanager" "wheel" "docker" ]; packages = with pkgs; [
packages = with pkgs; [ bazaar
bazaar ];
fastfetch
];
};
}; };
} }
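Review bot: `extraGroups` puts `fred` in the `docker` group in a user definition that is now unconditional, and membership in that group is equivalent to root on any machine running the Docker daemon, without the password prompt that `wheel` normally implies (unless sudo is configured otherwise). On this page only the Mediaserver host file shows `virtualisation.docker.enable = true`, so I would add the group only where Docker is enabled: `extraGroups = [ "networkmanager" "wheel" ] ++ lib.optional config.virtualisation.docker.enable "docker";`. A short comment on that line stating the root-equivalence would also help.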